What is claimed: 



11. A method of establishing a private network commmiity (PNC) among a plurality of 

2 clients configured to be linked over one or more of a plurality of communication 

3 channels, said method comprising: 

4 A. linking to a virtual network generation (VNG) system, having access to said 

5 communication channels, and establishing a set of PNC attributes, including 

6 establishing a set of client attributes associated with said clients and a set of 

7 network attributes; 

8 B. accessing a VNG system data store including PNC information related to said 
;,9 plurality of clients and a plurality of network types; 

IP C. authenticating each of said clients, as a function of said PNC information; and 

W D. establishing said PNC as a fimction of said set of PNC attributes, inchiding 

fi designating a virtual PNC address for each of said clients and linking said 

13 clients as if they were connected via a LAN. 

2. The method according to claim 1 wherein said plurality of clients is operated by a 

2 corresponding plurality of users and said data store includes identification information 

3 related to said plurality of users. 

1 3. The method according to claim 1 wherein at least one of said plurality of clients is 

2 chosen from a group of network enabled devices comprising: 

3 1) a personal computer; 

4 2) a personal digital assistant; 
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5 3) a mobile cellular telephone; 

6 4) a network appliance; 

7 5) a digitally loadable music or video player; 

8 6) an on-line video game; and 

9 7) a home appliance. 

1 4. The method according to claim 1 wherem at least one of said plurality of 

2 communication channels is chosen from a group comprising: 

3 1) Internet; 

Q 2) a cable network; 

-2 3) metropolitan area networks (MAN); 

4) a power-line network; 

\!t 5) a telephone line; 

S 6) a satellite link; and 

7) wireless networks. 

1 5. The method according to claim 1 wherein said client attributes include, for each client: 

2 1) an identification attribute, identifying said client; and 

3 2) a PNC address attribute, identifying a network location of said client. 

1 6, The method according to claim 1 wherein said network attributes include: 

2 1) a security management attribute, identifying a network security level to 

3 which said PNC must adhere. 
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1 7. The method of claim 1 further comprising: 

2 E. selectively disestablishing said PNC in response to a termination event. 

1 8. The method according to claim 7 wherein step E includes: 

2 1) disassociating each of said designated addresses from said clients. 

1 9, The method according to claim 7 wherein said termmation event includes one of more 

2 of the following: 

3 1) issuing a termination command by at least one of said clients to said 
:^ VNG system; 

[Is 2) detecting completion of a predefined set of tasks; 

3) detecting a security violation; and 

- 7 4) lapsing of a termination point in time. 

4i 10. The method according to claim 1 further comprising: 

^'i E. modifying said PNC attributes; and 

3 F. modifying said client links as a function of said modified PNC attributes. 

1 11. The method of claim 1 , further comprising: 

2 E. sending a packet across said PNC, from a first client to a second client, wherein 

3 said sending said packet includes: 

4 1) grabbing a packet destined for the virtual network card; 

5 2) identifying said packet; 
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6 3) wrapping said packet in a wrapper frame by said first client; 

7 4) transmitting said packet from said first client and receiving said packet 

8 by said second client; 

9 5) unwrapping said packet by said second client, and 

10 6) injecting said packet into a networking driver interface system of said 

1 1 second client, as if said packet was received by a standard network card 

12 of said second client. 

1 12. The method of claim 11 wherein sub-step 4) includes: 

S a) sending said packet to a VNG server of said VNG system; and 

J b) forwarding said packet by said VNG server to a set of 

fl destinations clients, including said second client, associated with 

L| said packet. 

a 13. The method of claim 12, wherein said first client implements a first protocol and said 

^4 second client implements a second protocol, and wherein sub-step 3 includes wrapping 

3 said packet in a frame compatible with said first protocol and sub-step b) includes: 

4 i. unwrapping said packet; and 

5 ii. re-wrapping said packet in a frame that is compatible with 

6 said second protocol. 

7 iii. transmitting said re-wrapped packet to said second client. 

1 14. The method of claim 11, wherein sub-step 3) includes compressing said message 
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according to said network attributes and sub-step 5) includes decompressing of said 
message. 

15. The method of claim 11, wherein sub-step 3) includes encrypting said message 
according to said network attributes and sub-step 5) includes decrypting said message. 

16. The method of claim 1, wherein said VNG system includes a billing manager, said 
method further comprising: 

E. monitormg usage of said PNC by said plurality of devices and generating, as a 
function of said usage, a corresponding usage bill. 

17. The method of claim 1 wherein step B includes: 

1) accessing a VNG system Web site. 

18. A virtual network generation (VNG) system configured to establish and manage a 
plurality of PNCs among a plurality of clients and over a plurality of communication 
channels, said VNG system comprising: 

A. a data store including PNC information related to said clients and a plurality of 
network types; 

B. a VNG processing device coupled to said data store, said VNG processing 
device including: 

1) an authentication manager, configured to receive, store and selectively 
authenticate a PNC workgroup of clients from said plurality of clients, as 
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10 a function of a client identification; 

11 2) a PNC manager, configured to receive and store a set of PNC attributes 

12 related to a PNC to be established, wherein said PNC attributes identify 

13 the PNC workgroup and a set of PNC security requirements; 

14 3) a PNC routing manager, configured to generate a PNC address for each 

15 client; and 

16 4) a communication manager, configured to Imk said clients, as if they 

17 were connected via a LAN, as a function of said PNC attributes; and 

18 C. a network interface system coupling said VNG processing device to at least one 

of said plurality of communication channels. 

H 19. A VNG system according to claim 18, further comprising: 

h12 D. a PNC termination manager, configured to selectively terminate said PNC in 

^3 response to a termination event. 

n 20. A VNG system according to claim 19 wherem said termination manager is configured 

2 to disassociate each of said designated addresses from said clients. 

1 21. A VNG system according to claim 19 wherein said termination event includes at least 

2 one of the following: 

3 1) issuing a termination command by at least one of said clients to said 

4 VNG system; 

5 2) detecting completion of a predefmed set of tasks; 
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6 3) detecting a security violation; and 

7 4) lapsing of a termination point in time. 

1 22. A VNG system according to claim 18 wherein said plurality of clients is operated by a 

2 corresponding plurality of users and said data store includes identification information 

3 related to said plurality of users. 

1 23. A VNG system according to claim 18 wherein at least one of said plurality of clients is 

2 chosen from a group of network enabled devices comprising: 
,,3 1) a personal computer; 

si 2) a personal digital assistant; 

^3 3) a mobile cellular telephone; 

4) a network appliance; 

I J 5) a digitally loadable music or video player; 

1:8 6) an on-line video game; and 

7) a home appliance. 

1 24. A VNG system according to claim 18 wherein at least one of said plurality of 

2 communication channels is chosen from a group comprising: 

3 1) Internet; 

4 2) a cable network; 

5 3) metropolitan area networks (MAN); 

6 4) a power-line network; 
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7 5) a telephone line; 

8 6) a satellite link; and 

9 7) wireless networks. 

1 25. A VNG system according to claim 18 wherein said client attributes include, for each 

2 client: 

3 1) an identification attribute, identifying said client; and 

4 2) a PNC address attribute, identifying a network location of said client. 

iA. 26. A VNG system according to claim 18, further including: 

a D. a front end VNG system Web site. 

27. A VNG system according to claim 18 wherein said network attributes include: 

^ 2 1) a security management attribute, identifying a network security level to 

H which said PNC must adhere, 

Q 28. A VNG system according to claim 18 wherein said PNC manager includes configured 

2 to: 

3 a) PNC attribute modifier; and 

4 b) PNC client link modifier, configured to modify said client links 

5 as a function of a set of modified PNC attributes. 

1 29. A VNG system according to claim 18, wherein each client in said PNC includes: 

2 D. a client module configured to wrap packets to be transmitted in a wrapper 
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3 frame, wherein said wrapper frame is compatible with at least one of said 

4 plurality of communication channels and a corresponding communication 

5 protocol. 

1 30. A VNG system according to claim 18, wherein message traffic within said PNC is 

2 encrypted. 

1 31, A VNG system according to clarni 18, wherein said VNG processing device further 

2 includes 

J. 5) a usage monitor configured to monitor usage of said PNC by said plurality of 

5i clients and generate corresponding usage information; and 

# 6) a billing manager, configured to generate a corresponding invoice, as a function 
of said usage information. 
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